[Owasp-leaders] Fwd: Stepping down as Board Member

John Wilander john.wilander at owasp.org
Mon Feb 14 08:15:39 EST 2011

2011/2/14 Konstantinos Papapanagiotou <conpap at di.uoa.gr>

> John,
> I don't mean to underestimate the value that tech people and
> corresponding projects bring to an organization like OWASP but if we
> want to reach out to governments, standards organizations and key
> industry players we need those formal document-policy-oriented
> projects because that's the language that they understand.

I too think we need document and policy-oriented projects. But making OWASP
itself more formal will fend off tech people.

When a community hero such as Michal Zalewski starts an email with "Oh, that
OWASP thing still around?;-)" I get worried.

I've seen it happen loads of times. A bunch of enthusiastic people start a
community. Some are technically driven and publish a lot of code and/or
tools. Then come the process, policy, and document people to provide
structure. That far, all good. But the structure people attract more
structure people who in turn attract more document people. Suddenly the code
people feel alienated and leave.

Read "How Software Companies Die" by Orson Scott Card (1995) and you'll
understand what I mean. Relevant excerpts:

*Here's the secret that every successful software company is based on: You
can domesticate programmers the way beekeepers tame bees. You can't exactly
communicate with them, but you can get them to swarm in one place and when
they're not looking, you can carry off the honey.

Here's the problem that ends up killing company after company. All
successful software companies had, as their dominant personality, a leader
who nurtured programmers. But no company can keep such a leader forever.
Either he cashes out, or he brings in management types who end up driving
him out, or he changes and becomes a management type himself. One way or
another, marketers get control.

But...control of what? Instead of finding assembly lines of productive
workers, they quickly discover that their product is produced by utterly
unpredictable, uncooperative, disobedient, and worst of all, unattractive
people who resist all attempts at management. Put them on a time clock,
dress them in suits, and they become sullen and start sabotaging the
product. Worst of all, you can sense that they are making fun of you with
every word they say.

The shock is greater for the coder, though. He suddenly finds that alien
creatures control his life. Meetings, Schedules, Reports. And now someone
demands that he PLAN all his programming and then stick to the plan, never
improving, never tweaking, and never, never touching some other team's code.


   Regards, John

John Wilander, https://twitter.com/johnwilander
Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
Co-organizer Global Summit, http://www.owasp.org/index.php/Summit_2011
Conf Comm,